Adultery website, Ashley Madison is at the forefront of a hacking scandal despite reassurances about the site’s confidentiality. The data released includes information on members, their activity and the CEO’s e-mail correspondence. In an ironic twist, leaked documents show that the CTO in collaboration with employees, and the CEO of parent company Avid Life Media, discovered a security flaw in rival site, Nerve.com. The company accessed the competitor’s entire database and had the ability to change records for their own purpose. A snippet from the e-mail exchange provides an insight into their ruthless strategy:
“They did a very lousy job building their platform. I got their entire user base,”
“Also, I can turn any non paying user into a paying user, vice versa, compose messages between users, check unread stats, etc.”
In a hilarious twist, Raja Bhatia, the founding chief technology officer outlined the company’s own security problems before allegedly hacking a competing site:
“With what we inherited with Ashley[Madison.com], security was an obvious afterthought, and I didn’t focus on it either,”
“I am pretty sure we stored passwords without any cryptography so a database leak would expose all account credentials.”
Ashley Madison is a very devise website, and its CEO isn’t the most lovable of characters. Furthermore, if the company conducted hacking as suggested in the e-mails, they could be prosecuted under the Computer Fraud and Abuse Act. Personally, I have very little sympathy for a company which promotes cheating, and supposedly engages in the behaviour it becomes outraged by.
Thank you Wired for providing us with this information.